function sanitizeString($var)
{
$var = stripsplashes($var);
$var = strip_tags($var);
$var = htmlentities($var);
return $var;
}
function showProfile($user)
{
if (file_exists("{$user}.jpg")) {
echo "<img src = '{$user}.jpg'> align='left' />";
}
$result = queryMysql("SELECT * FROM profiles WHERE user = '******'");
if (mysql_num_rows($result)) {
$row = mysql_fetch_row($result);
echo stripsplashes($row[1]) . "<br clear=left /><br />";
}
}
